CA Access Gateway as Intermediate API

I'm working with a customer who has an application API behind SiteMinder. That customer is interested in knowing if anyone else has developed a solution where "MyApp" API makes a call to the CA Access Gateway API for Auth/Az web services, using a service account, to complete the transaction.

The requirement is we need to authenticate before "MyApp" returns a response to the client calling "MyApp".

Our thought process is we could have two parts within MyApp API. On "MyApp" being invoked, Part-A would initiate a SOAP / REST call to AuthAzWS. Based on the Response from AuthAzWS, "MyApp" would decide if Part-B could be triggered to complete a response.

We know how to generate a SOAP / REST call to AuthAzWS. The question is more from the implementation methodology on the Client Side (MyApp is the Client for AuthAzWS, in this case making a call to AuthAzWS). Hence it is a tad outside the remits of CA SSO, because we are asking a Client Side Implementation question.

Would love to hear some thoughts on different approaches, on how to invoke a call to AuthAzWS on the "MyApp" API end.

The requirement is we need to authenticate before "MyApp" returns a response to the client calling "MyApp".

Our thought process is we could have two parts within MyApp API. On "MyApp" being invoked, Part-A would initiate a SOAP / REST call to AuthAzWS. Based on the Response from AuthAzWS, "MyApp" would decide if Part-B could be triggered to complete a response.

We know how to generate a SOAP / REST call to AuthAzWS. The question is more from the implementation methodology on the Client Side (MyApp is the Client for AuthAzWS, in this case making a call to AuthAzWS). Hence it is a tad outside the remits of CA SSO, because we are asking a Client Side Implementation question.

Would love to hear some thoughts on different approaches, on how to invoke a call to AuthAzWS on the "MyApp" API end.